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DECRYPT BLOCK INFORMATION TABLE KEY 
AND CONTENT KEY WITH SESSION KEY TO 
DECRYPT BLOCK INFORMATION TABLE 


^v/S74 


GENERATE INTEGRITY CHECK VALUE B 
FROM BLOCK INFORMATION TABLE KEY. 
CONTENT KEY. AND BLOCK INFORMATION 
TABLE AND COMPARE IT WITH ICVb 

roK 



CALCULATE INTERMEDIATE INTEGRITY CHECK L-L/S76 
VALUE FROM ICVa. ICVb, AND CONTENT 
INTEGRITY CHECK VALUE 


< LOCALIZATION FIELD SET TO 1? 


S77 


S78 


VP- 


N0{~ 


CALCULATE TOTAL 
INTEGRITY CHECK 
VALUE ICVt 


~),YES 


CALCULATE INTEGRITY^ 580 
CHECK VALUE ICdev 


S79 

ngT 


S84 


VERIFY TOTAL 
INTEGRITY CHECK 
VALUE ICVt 



VERIFY INTEGRITY 
CHECK VALUE 

ICVdev 


OKI 


I 


HOK 


S81 

NG 


ERROR 


DECRYPT CONTENT BLOCK 

I 


< VERIFY ICV OF CONTENT BLOCK 
|0K 

RETURN > 


K/S82 
,S83 
NG _ 


ERROR 


"K/S84 


CONTENT REPRODUCTION PROCESS 


FIG. 28 
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RECEIVE DATA (EX. BLOCK INFORMATION TABLE KEY Kbit, 
CONTENT KEY Keen) ENCRYPTED WITH SESSION KEY Kses. 
FROM RECORDING AND REPRODUCING DEVICE 

^v/S3001 




COMMAND NUMBERS p-s 

y 

r 



RECORDING DEVICE STORES IN REGISTER, DATA 
(EX. BLOCK INFORMATION TABLE KEY Kbit, CONTENT 
KEY Kcon) RECEIVED FROM RECORDING AND REPRODUCING 
DEVICE AND ENCRYPTED WITH SESSION KEY Kses 

^v/S3002 

\ 

i 



TAKE DATA (EX. BLOCK INFORMATION TABLE KEY Kbit, 
CONTENT KEY Kcon) ENCRYPTED WITH SESSION KEY Kses 
OUT FROM REGISTER AND DECRYPT THEM WITH 

SESSION KEY Kses 

,-v^S3003 

\ 

t 



USE STORAGE KEY KsTR TO ENCRYPT DATA (EX. BLOCK 
INFORMATION TABLE KEY Kbit, CONTENT KEY Kcon) 
DECRYPTED WITH SESSION KEY Kses 

^x-/S3004 





i 



STORE DATA (EX. BLOCK INFORMATION TABLE KEY Kbit. 
CONTENT KEY Kcon) ENCRYPTED WITH STORAGE KEY Kstr, 
IN MEMORY OF RECORDING DEVICE 

^/S3005 


FIG.- 30 
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READ DATA (EX. BLOCK INFORMATION TABLE KEY Kbit, 
CONTENT KEY Kcon) ENCRYPTED WITH STORAGE KEY Kstr. 
oUT FROM MEMORY OF RECORDING DEVICE 

/^/S3101 




COMMAND NUMBERS u-y 

\ 

i 



STORE IN REGISTER, DATA (EX. BLOCK INFORMATION 
TABLE KEY Kbit, CONTENT KEY Kcon) READ OUT FROM 
MEMORY OF RECORDING DEVICE AND ENCRYPTED WITH 
STORAGE KEY Kstr 

^X-/S3102 

\ 

r 



TAKE DATA (EX. BLOCK INFORMATION TABLE KEY Kbit, 
CONTENT KEY Kcon) ENCRYPTED WITH STORAGE KEY Kstr, 
OUT FROM REGISTER AN DECRYPT THEM WITH 
STORAGE KEY Kstr 

^/S3103 


\ 

r 



USE SESSION KEY Kses TO ENCRYPT DATA (EX. BLOCK 
INFORMATION TABLE KEY Kbit, CONTENT KEY Kcon) 
DECRYPTED WITH STORAGE KEY Kstr 





\ 

I 



TRANSMIT DATA (EX. BLOCK INFORMATION TABLE KEY Kbit, 
CONTENT KEY Kcon) ENCRYPTED WITH SESSION KEY Kses. 
FROM RECORDING DEVICE TO RECORDING AND 
REPRODUCING DEVICE 

/-V/S3105 


FIG. 31 
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FORMAT TYPE 0 AND 1 DOWNLOAD PROCESS 


C START ) 


SI 01 


MUTUAL AUTHENTICATION WITH 
RECORDING DEVICE AND SHARE 
SESSION KEY (SEE FIG. 20) 


S102 


READ OUT HEADER 


SI 03 


GENERATE ICVa' FROM CONTENT 
ID AND USAGE POLICY 



SI 05 


OBTAIN OR GENERATE 
DISTRIBUTION KEY Kdis 


S106 


DECRYPT BLOCK INFORMATION 
TABLE KEY Kbit AND CONTENT 
KEY Kcon 


S107 


DECRYPT BLOCK INFORMATION TABLE 


S108 


GENERATE ICVb' FROM BLOCK 
INFORMATION TABLE KEY Kbit. 
CONTENT KEY Kcon. AND BLOCK 
INFORMATION TABLE 



S1 10 


GENERATE INTERMEDIATE- 
INTEGRITY CHECK VALUE FROM 
ICVa, ICVb. ICV1, ... ICVN 


I 


S1 1 1 


GENERATE TOTAL ICVt' FROM 
INTERMEDIATE INTEGRITY CHECK VALUE 


S112 



S113 


READ OUT BLOCK DATA 


S114 


DECRYPT BLOCK DATA 
AND GENERATE ICVi' 



S117 


ENCRYPT BLOCK INFORMATION 
TABLE KEY Kbit AND CONTENT 
KEY Kcon WITH SESSION KEY 
Kses AND TRANSMIT THEM TO 
RECORDING DEVICE 


S11 


RECEIVE BLOCK INFORMATION 
TABLE KEY Kbit AND CONTENT 
KEY Kcon ENCRYPTED WITH 
STORAGE KEY Kses, FROM 
RECORDING DEVICE 



S120 


GENERATE UNIQUE INTEGRITY 
CHECK VALUE ICVdev FROM INTER- 
MEDIATE INTEGRITY CHECK VALUE 


S12 


FORM DATA FORMAT TO BE STORED 
IN EXTERNAL MEMORY OF 
RECORDING DEVICE 


SI 22 


TRANSMIT DATA TO RECORDING 
DEVICE AND STORE THEM IN 
EXTERNAL MEMORY IN DEVICE 


FIG. 39 
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FORMAT TYPE 2 DOWNLOAD PROCESS 


C START ) 


S101 


MUTUAL AUTHENTICATION WITH 
RECORDING DEVICE AND SHARE 
SESSION KEY (SEE FIG. 20) 


S102 


READ OUT HEADER 


SI 03 


GENERATE ICVa' FROM CONTENT 
ID AND USAGE POLICY 



S105 


OBTAIN OR GENERATE 
DISTRIBUTION KEY Kdis 


S106 


DECRYPT BLOCK INFORMATION 
TABLE KEY Kbit AND CONTENT 

KEY Kcon 


I 


J2£ 


S107 


IDECRYPT BLOCK INFORMATION TABLE 
{ ^ 108 


GENERATE ICVb' FROM BLOCK 
INFORMATION TABLE KEY Kbit. 
CONTENT KEY Kcon. AND BLOCK 
INFORMATION TABLE 



S152 


GENERATE INTERMEDIATE 
INTEGRITY CHECK VALUE FROM 
ICVa, ICVb, AND CONTENT DATA 


^S111 


GENERATE TOTAL ICVt' 
FROM INTERMEDIATE INTEGRITY 
CHECK VALUE 



S1 17 


ENCRYPT BLOCK INFORMATION 
TABLE KEY Kbit AND CONTENT 
KEY Kcon WITH SESSION KEY 
Kses AND TRANSMIT THEM T 
RECORDING DEVICE 


S118 


RECEIVE BLOCK INFORMATION 
TABLE KEY Kbit AND CONTENT 
KEY Kcon ENCRYPTED WITH 

STORAGE KEY Kses. 
FROM RECORDING DEVICE 



S120 


GENERATE UNIQUE INTEGRITY 
CHECK VALUE ICVdev FROM 
INTERMEDIATE INTEGRITY 
CHECK VALUE 


S121 


FORM DATA FORMAT TO BE STORED 
IN EXTERNAL MEMORY OF 
RECORDING DEVICE 


S122 


TRANSMIT DATA TO RECORDING 
DEVICE AND STORE THEM IN 
EXTERNAL MEMORY IN DEVICE 


5 


FIG. 40 


C END ) 
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FORMAT TYPE 3 DOWNLOAD PROCESS 


C 


START 

m 


S101 


MUTUAL AUTHENTICATION WITH 
RECORDING DEVICE AND SHARE 
SESSION KEY (SEE FIG. 20) 


SI 02 


READ OUT HEADER 


S103 


GENERATE ICVa' FROM CONTENT 
ID AND USAGE POLICY 



SI 05 


OBTAIN OR GENERATE 
DISTRIBUTION KEY K<jis 


I 


SI 61 


DECRYPT BLOCK INFORMATION 
TABLE KEY Kbit 


S107 


DECRYPT BLOCK INFORMATION TABLE 


SI 62 


GENERATE ICVb' FROM BLOCK 
INFORMATION TABLE KEY Kbit 
AND BLOCK INFORMATION TABLE 



S151 


READ OUT ALL CONTENT DATA 


S152 


GENERATE INTERMEDIATE 
INTEGRITY CHECK VALUE FROM 
ICVa, ICVb, AND CONTENT DATA 


S1 11 


GENERATE TOTAL ICVt' FROM 
INTERMEDIATE INTEGRITY 
CHECK VALUE 



S163 


DECRYPT BLOCK KEY Kbic 


S164 


ENCRYPT BLOCK INFORMATION 
TABLE KEY Kbit AND BLOCK 
KEY Kbic WITH SESSION KEY 
Kses AND TRANSMIT THEM TO 
RECORDING DEVICE 


SI 65 


RECEIVE BLOCK INFORMATION 
TABLE KEY Kbit AND BLOCK 
KEY Kbic WITH STORAGE KEY 

Kstr, FROM RECORDING DEVICE 



SI 20 


GENERATE UNIQUE INTEGRITY 
CHECK VALUE ICVdev. FROM 
INTERMEDIATE INTEGRITY 
CHECK VALUE 


S121 


FORM DATA FORMAT TO BE 
STORED IN EXTERNAL MEMORY 
OFRECORD I NG DEVICE 


S122 


TRANSMIT DATA TO RECORDING 
DEVICE AND STORE THEM IN 
EXTERNAL MEMORY IN DEVICE 


FIG. 41 
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FORMAT TYPE 0 REPRODUCTION PROCESS 

c 


START 


D 


S201 


MUTUAL AUTHENTICATION WITH RECORDING 
DEVICE AND SHARE SESSION KEY 

(SEE FIG. 20) 


^202 


READ OUT HEADER 


^/S203 


GENERATE ICVa' FROM CONTENT 
ID AND USAGE POLICY 



TRANSMIT BLOCK INFORMATION TABLE KEY 
Kbit AND CONTENT KEY Keen ENCRYPTED WITH 
STORAGE KEY Kstr. TO RECORDING DEVICE 


^S206 


RECEIVE BLOCK INFORMATION TABLE KEY 
Kbit AND CONTENT KEY Koon ENCRYPTED 
WITH SESSION KEY Kstr, FROM 
RECORDING DEVICE 


^207 


DECRYPT BLOCK INFORMATION TABLE 
KEY Kbit AND CONTENT KEY Koon 


J. 


^S208 


DECRYPT BLOCK INFORMATION TABLE 
| ^/S20"9 


GENERATE ICVb' FROM BLOCK INFORMATION 
TABLE KEY Kbit. CONTENT KEY Kcon. 
AND BLOCK INFORMATION TABLE 



S211 


GENERATE INTERMEDIATE INTEGRITY CHECK] 
VALUE FROM ICVa, ICVb, ICV1. . . . ICVN 



■S213 


GENERATE UNIQUE INTEGRITY CHECK 
VALUE ICVdev' FROM INTERMEDIATE 
INTEGRITY CHECK VALUE 


(B) 



(A) 


S217 


READ OUT BLOCK DATA 



S219 


S221 


S223 


FORM CONTENT PLAIN TEXT DATA 
FOR EXECUTION (REPRODUCTION) 
ON SYSTEM RAM 



S225 


EXECUTE AND REPRODUCE CONTENT 
(PROGRAM OR- DATA) 


(B)- 


C END ) 


•S215 


GENERATE TOTAL ICVt' FROM 
INTERMEDIATE INTEGRITY CHECK VALUE 


S216 


FIG. 42 
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FORMAT TYPE 1 


C 


REPRODUCTION PROCESS 
,S201 


START 


MUTUAL AUTHENTICATION WITH RECORDING 
DEVICE AND SHARESESSION KEY (SEE FIG. 20) 
| ^S202 


READ OUT HEADER 


/^S203 


GENERATE ICVa' FROM CONTENT 
ID AND USAGE POLICY 



TRANSMIT BLOCK INFORMATION TABLE 

KEY Kbit AND CONTENT KEY Kcon 
ENCRYPTED WITH STORAGE KEY Kstr, TO 
RECORDING DEVICE 


I 


^S206 


RECEIVE BLOCK INFORMATION TABLE KEY 
Kbit AND CONTENT KEY Kcon ENCRYPTED 
WITH SESSION KEY Kstr, FROM 

RECORDING DEVICE 


^xS207 


DECRYPT BLOCK INFORMATION TABLE KEY 
Kbit AND CONTENT KEY Kcon 


^S208 


DECRYPT BLOCK INFORMATION TABLE 


^209 


GENERATE ICVb' FROM BLOCK INFORMATION 
TABLE KEY Kbit, CONTENT KEY Kcon, 
AND BLOCK INFORMATION TABLE 



GENERATE INTERMEDIATE INTEGRITY CHECK 
VALUE FROM ICVa, ICVb. ICV1. ... ICVN 


GENERATE UNIQUE INTEGRITY 
CHECK VALUE ICVde/ FROM 
INTERMEDIATE INTEGRITY CHECK VALUE 



(A) 


S217 


READ OUT BLOCK DATA 


S231 


DECRYPT ENCRYPTED PARTS AND 
GENERATE PARTS ICV 


YES 


S232 


CREATE BLOCK ICVi' 



S223 


FORM CONTENT PLAIN TEXT DATA 
FOR EXECUTION (REPRODUCTION) 
ON SYSTEM RAM 



S225 


EXECUTE AND REPRODUCE CONTENT 
(PROGRAM OR DATA) 


(B)- 


C END ) 



S215 


GENERATE TOTAL ICVt' 
FROM INTERMEDIATE INTEGRITY 
CHECK VALUE 



FIG. 43 
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( START ) 


S201 


MUTUAL AUTHENTICATION WITH 
RECORDING DEVICE AND SHARE 
SESSION KEY (SEE FIG. 20) 


/^S202 


READ OUT HEADER 


^203 


GENERATE ICVa' FROM CONTENT 
ID AND USAGE POLICY 



S205 


TRANSMIT BLOCK INFORMATION 
TABLE KEY Kbit AND CONTENT 
KEY Koon ENCRYPTED WITH 
STORAGE KEY Kstr, TO 
RECORDING DEVICE 


f 


^206 


RECEIVE BLOCK INFORMATION 
TABLE KEY Kbit AND CONTENT 
KEY Kcon ENCRYPTED WITH 
SESSION KEY Kstr. FROM 
RECORDING DEVICE 


^5207 


DECRYPT BLOCK INFORMATION 
TABLE KEY Kbit AND 
CONTENT KEY Kcon 


x^S208 


DECRYPT BLOCK INFORMATION TABLE 


^209 


GENERATE ICVb' FROM BLOCK 
INFORMATION TABLE KEY Kbit. 
CONTENT KEY Kcon, AND BLOCK 
INFORMATION TABLE 



(A) 


S217 


READ OUT BLOCK DATA 


S241 


DECRYPT BLOCK KEY Kbio 


DECRYPT B 


S242 


.OCK DATA 


S243 


EXECUTE AND REPRODUCE CONTENT 
(PROGRAM OR DATA) 



FIG. 44 
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FORMAT TYPE 3 REPRODUCTION PROCESS 


( START ) 


S201 


MUTUAL AUTHENTICATION WITH 
RECORDING DEVICE AND SHARE 
SESSION KEY (SEE FIG. 20) 


^S202 


READ OUT HEADER 


^S203 


GENERATE ICVa' FROM CONTENT 
ID AND USAGE POLICY 



TRANSMIT BLOCK INFORMATION 
TABLE KEY Kbit ENCRYPTED 
WITH STORAGE KEY Kstr, 
TO RECORDING DEVICE 


^S252 


RECEIVE BLOCK INFORMATION 

TABLE KEY Kbit ENCRYPTED 
WITH SESSION KEY Kstr, FROM 
RECORDING DEVICE 


z^S253 


DECRYPT BLOCK INFORMATION 
TABLE KEY Kbit 


I 


^S208 


DECRYPT BLOCK INFORMATION TABLE 
\ ^S25^ 


GENERATE ICVb' FROM BLOCK 
INFORMATION TABLE KEY Kbit 
AND BLOCK INFORMATION TABLE 



(A) 


S217 


READ OUT BLOCK DATA 


S255 


TRANSMIT BLOCK KEY Kbio 
ENCRYPTED WITH STORAGE KEY 
Kstr. TO RECORDING DEVICE 


S256 


RECEIVE BLOCK KEY Kbic 
ENCRYPTED WITH SESSION KEY 
Kses. FROM RECORDING DEVICE 


S257 


DECRYPT BLOCK KEY Kbic 


S242 


DECRYPT BLOCK DATA 

J 


S243 


EXECUTE AND REPRODUCE 
CONTENT (PROGRAM OR DATA) 



C END ) 


FIG. 45 
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ICV GENERATOR 
(EX. CONTENT PROVIDER) 


DATA TO BE VERIFIED 
SUCH AS CONTENT 


DELIVER 


ICV COMMON 
KEY Kiev 


ICV VERIFIER 
(EX. CONTENT USER) 


DATA TO BE VERIFIED 
SUCH AS CONTENT 


ICV 


DISTRIBUTION 
»- 


ICV 


ICV GENERATION 
SHARED KEY 
Kiev FOR ICV 


COMPARISON 
=? 


ICV 


FIG. 46 


(EX. 


ICV GENERATOR 
CONTENT PROVIDER) 


ICV VERIFIER 
(EX. CONTENT USER) 


DATA TO BE VERIFIED 
SUCH AS CONTENT 


DELIVER 


DATA TO BE VERIFIED 
SUCH AS CONTENT 


calculation; 
—tr^ 


VERIFIED 
VALUE 


GENERATOR' S 
SECRETE KEY 


ICV CREATION 


GENERATOR' S 
PUBLIC KEY 
Kpub 


I ? COMPARE 


ICV 


DELIVER 


ICV 


■ 

VERIFIED 


VALUE 

CALCULATE 
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METHOD FOR GENERATING INDIVIDUAL KEY FROM MASTER KEY -(1) 


[BASIC FLOW] 

CONTENT PRODUCER OR MANAGER 

( START PRODUCING CONTENT ) 


I 


S501 


DETERMINE ID FOR CONTENT 
(CONTENT ID) 


S502 


GENERATE KEY 
(EX. DISTRIBUTION Kdis) FROM 
MASTER KEY (EX. DISTRIBUTION- 
KEY-GENERATING MASTER KEY: 
MKdis) AND CONTENT ID 


S503 


ENCRYPT PART OR ALL OF 
CONTENT WITH KEY (EX. 
DISTRIBUTION KEY Kdis) 


C END PRODUCING CONTENT j 


USER DEVICE 


C START USING CONTENT ) 


I 


S504 


READ OUT CONTENT ID 

1 


^1 


S505 


GENERATE KEY 
(EX. DISTRIBUTION Kdis) FROM 
CONTENT ID AND MASTER KEY 
(EX. DISTRIBUTION-KEY- 
GENERATING MASTER KEY: MKdis) 


S506 


DECRYPT ENCRYPTED PART OF 

CONTENT WITH KEY 
(EX. DISTRIBUTION key Kdis) 


S507 


USE CONTENT 


I 


( END USING CONTENT ) 


[KEY OWNER CONFIGURATION] 
CONTENT PRODUCER OR MANAGER 


USER DEVICE 


MASTER KEY 
(EX. DISTRIBUTION-KEY- 
GENERATING MASTER KEY: MKdis) 


SHARE 


MASTER KEY 
(EX. DISTRIBUTION-KEY 
GENERATING MASTER KEY: MKdis) 


CONTENT ID 


ID PROTECTED 
CONTENT 


FIG. 50 
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METHOD FOR GENERATING INDIVIDUAL KEY FROM MASTER KEY -(2) 
[BASIC FLOW] 

C ONTENT PRODUCER OR MANAGER 

( START_PRODUCIN G CONTENT ) 


USER DEVICE 


I 


j2± 


■S511 


DETERMINE ID FOR CONTENT 
(CONTENT ID) 


S512 


SELECT MASTER KEY MASTER KEY (EX. 
D I STR I BUT I ON-KEY-GENERAT I NG 
MASTER KEY:MKdis 1. ... N) 

DEPENDING ON APPARATUS FOR WHICH 
USE OF CONTENT IS PERMITTED 

S513 


GENERATE KEY (EX. DISTRIBUTION- 
KEY-GENERATING MASTER KEY -MKdis 
1. ... n) FROM MASTER KEY (EX. 
D I STR I BUT I ON-KEY-GENERAT I NG 
MASTER KEY: MKdis 1. ... n) 
DEPENDENT ON APPARATUS FOR WHICH 
USE OF CONTENT IS PERMITTED 
AS WELL AS CONTENT ID 


S514 


GENERATE ENCRYPTED CONTENTS 
CI. ... N FROM PART OR ALL OF 
CONTENT WITH KEY (EX. DISTRIB- 
UTION KEY Kdis 1. ... n) 


S515 


GROUP CONTENT ID, IDENTIFICATION 

INFORMATION FOR MASTER KEY 
USED, AND ENCRYPTED CONTENT INTO 
ONE DISTRIBUTED UNIT 


C END PRODUCING CONTENT) 


( START USING CONTENT 

7 


DISTRIBUTED MASTER KEY 
IDENTIFICATION INFORMATION 
MATCH WITH OWNED MASTER KEY?. 


I 



•S517 


READ OUT CONTENT ID 


S518 


GENERATE KEY (EX. DISTRIBUTION 

Kdis) FROM CONTENT ID AND 
MASTER KEY (EX. DISTRIBUTION- 
KEY-GENERATING MASTER KEY: MKdis) 


S519 


DECRYPT ENCRYPTED PART OF 
CONTENT WITH KEY (EX. DISTRIBU- 
TION KEY Kdis) 


I 


S520 


USE CONTENT 

I 


C END USING CONTENT ) 


[KEY OWNER CONFIGURATION] 
CONTENT PRODUCER OR MANAGER 


MASTER KEY 
(EX. DISTRIBUTION-KEY- 
GENERATING MASTER KEY: MKdi 


USER DEVICE 


SHARE 


MASTER KEY 
(EX. DISTRIBUTION-KEY- 
GENERATING MASTER KEY: MKdis) 


CONTENT ID 


ID PROTECTED 
CONTENT 


FIG. 51 
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METHOD FOR GENERATING INDIVIDUAL KEY 

[BASIC FLOW] 

MEDIUM PRODUCER OR MANAGER 


FROM MASTER KEY -(3) 


USER DEVICE 


C START PRODUCING MEDIUM ) ( START USING MEDIUM ) 


S521 


DETERMINE ID FOR MEDIUM 
(MEDIUM ID) 


S522 


GENERATE KEY (EX. 
D I STR I BUT I ON-KEY-GENERAT I NG 

MASTER KEY: MKdis) FROM 
MASTER KEY (EX. DISTRIBUTION- 
KEY-GENERATING MASTER KEY: 
MKdis) AND MEDIUM ID 


I 


S523 


ENCRYPT PART OR ALL OF 
CONTENT WITH KEY (EX. 
DISTRIBUTION KEY Kdis) 


S524 


READ OUT MEDIUM ID 


S525 


GENERATE KEY (EX. 
DISTRIBUTION KDIS) FROM 
MEDIUM ID AND MASTER KEY 
(EX. DISTRIBUTION-KEY- 
GENERATING MASTER KEY: MKdis) 


S526 


DECRYPT ENCRYPTED PART OF 
CONTENT WITH KEY (EX. 
DISTRIBUTION KEY Kdis) 


I 


^1 


S527 


USE CONTENT 


( END PRODUCING MEDIUM ) ( END USING MEDIUM ) 


[KEY OWNER CONFIGURATION] 

MEDIA CREATION OR ADMINISTRATOR 


MASTER KEY (EX. 
DISTRIBUTION-KEY- 
GENERATING MASTER KEY: MKdis) 


USER DEVICE 


SHARE, 


MASTER KEY (EX. 
DISTRIBUTION-KEY- 
GENERATING MASTER KEY: MKdis) 



. FIG. 53 
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METHOD FOR GENERATING INDIVIDUAL KEY FROM MASTER KEY -(4) 
[BASIC FLOW] 

RECORDING AND REPRODUCING DEVICE USER SYSTEM MANAGER 


(START CONTENT STORAGE PROCESS) 


S531 


GENERATE KEY (EX. CONTENT 
KEY: Kcon) FROM MASTER KEY 
(EX. CONTENT-KEY-GENERATING 

MASTER KEY: MKcon) AND 
RECORDING AND REPRODUCING 
DEVICE ID 


S532 


ENCRYPT PART OR ALL OF 

CONTENT WITH KEY 
(EX. CONTENT KEY Kcon) 


S533 


STORE ENCRYPTED CONTENT IN 
STORAGE MEDIUM 


1 

( END CONTENT STORAGE ) 


C 


START STORED DATA 
RECOVERY. PROCESS 


S534 


READ OUT CONTENT ID 


S535 


GENERATE KEY (EX. CONTENT 
Kcon) FROM RECORDING AND 

REPRODUCING DEVICE ID AND 
MASTER KEY (EX. CONTENT-KEY- 
GENERATING MASTER KEY: MKcon) 


S536 


DECRYPT ENCRYPTED PART OF 
CONTENT WITH KEY 
(EX. CONTENT KEY Kcon) 


c 


END STORED DATA 
RECOVERY PROCESS 


J 


[KEY OWNER CONFIGURATION] 

RECORDING AND REPRODUCING DEVICE USER 


MASTER KEY 
(EX. CONTENT-KEY-GENERATING 
MASTER KEY: MKcon) 


c SHARE y 


RECORDING AND 
REPRODUCING 
DEVICE ID 


ENCRYPTED 
CONTENT 


SYSTEM MANAGER 


MASTER KEY 
(EX. CONTENT-KEY-GENERATING 
MASTER KEY: MKcon) 


FIG. 54 
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METHOD FOR GENERATING INDIVIDUAL KEY FROM MASTER KEY -(5) 
[BASIC FLOW] 


SLAVE DEVICE 
(EX. RECORDING DEVICE) 


HOST DEVICE 
(EX. RECORDING AND REPRODUCING DEVICE) 


C 


START SLAVE DEVICE 
INITIALIZATION PROCESS 


^S54 1 


GENERATE KEY 
(EX. AUTHENTICATION KEY: Kake) 
FROM MASTER KEY (EX. 
AUTHENTICATION-KEY- 
GENERATING MASTER KEY: MKake) 
AND SLAVE DEVICE ID 


S542 


STORE AUTHENTICATION KEY IN 

INTERNAL MEMORY OF SLAVE 
DEVICE (EX. CONTENT KEY Kcon) 


c 


END SLAVE DEVICE 
INITIALIZATION PROCESS 


START MUTUAL 
AUTHENTICATION PROCESS 


S543 


READ OUT SLAVE DEVICE ID 


S544 


GENERATE KEY (EX. 
AUTHENTICATION KAKE) FROM 
SLAVE DEVICE ID AND MASTER 
KEY (EX. AUTHENTICATION-KEY- 
GENERATING MASTER KEY: MKake) 


S545 


EXECUTE AUTHENTICATION 
PROCESS WITH KEY (EX. 
AUTHENTICATION KEY Kake) 
(SEE FIG. 20) 


c 


END MUTUAL 
AUTHENTICATION PROCESS 


[KEY OWNER CONFIGURATION] 

SLAVE DEVICE 
(EX. RECORDING DEVICE) 


MASTER KEY 
(EX. AUTHENTICATION-KEY- 
GENERATING MASTER KEY: MKake) 


HOST DEVICE 
(EX. RECORDING AND REPRODUCING DEVICE) 


^ SHARE > 


MASTER KEY 
(EX. AUTHENTICATION-KEY- 
GENERATING MASTER KEY: MKake) 


SLAVE 
DEVICE ID 


AUTHENTICATION 
KEY 
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METHOD FOR GENERATING INDIVIDUAL KEY FROM MASTER KEY -(5) 


RECORDING AND REPRODUCING 
DEVICE 300 SIDE PROCESS 


RECORDING DEVICE 400 
SIDE PROCESS 


EXECUTE AUTHENTICATION AND 
GENERATE SESSION KEY Kses 


;S302. 


GENERATE AND COLLATE EACH 
INTEGRITY CHECK VALUE ICV 


S303. 


DECRYPT CONTENT KEY Kc1 , Kc2, 
(Kc3) ENCRYPTED WITH 
DISTRIBUTION KEY Kdis 


;S304> 


ENCRYPT CONTENT KEY Kc1 WITH 
SESSION KEY Kses AND TRANSMIT 
IT TO STORAGE DEVICE 


:S307 


ENCRYPT CONTENT KEY Kc2 WITH 
SESSION KEY Kses AND TRANSMIT 
IT TO STORAGE DEVICE 


IS310. 


ENCRYPT CONTENT KEY Kc3 WITH 
SESSION KEY Kses AND TRANSMIT 
IT TO STORAGE DEVICE 


:S313> 


FORM AND TRANSMIT DATA 
FORMAT TO RECORDING DEVICE 


AUTHENTICATION PROCESS & 
CREATION OF SESSION KEY Kses 


S301 


S305 


DECRYPT CONTENT KEY Kc1 
WITH SESSION KEY Kses 


.S306 


ENCRYPT CONTENT KEY Kc1 WITH 
STORAGE KEY Kstr AND TRANSMIT 
IT TO RECORDING DEVICE 


.S308 


DECRYPT CONTENT KEY Kc2 WITH 
SESSION KEY Kses 


.S309 


ENCRYPT CONTENT KEY Kc2 WITH 
STORAGE KEY KSTR AND TRANSMIT 
IT TO RECORDING DEVICE 


,S311 


DECRYPT CONTENT KEY Kc3 WITH 

SESSION KEY Kses 


S312 


ENCRYPT CONTENT KEY Kc3 WITH 
STORAGE KEY Kstr AND TRANSMIT 
IT TO RECORDING DEVICE 


S314 


STORE CONTENT KEY: Kc1,Kc2 
(Kc3) ENCRYPTED WITH STORAGE 
KEY Kstr IN EXTERNAL MEMORY 
OF RECORDING DEVICE 


FIG. 56 
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C START ) 


S611 


AUTHENTICATE EACH INSTALLED 
RECORDING DEVICE (SEE FIG, 20) 


*4J 

Si 


jo 


S612 


EXTRACT ACTIVE PROGRAMS (WHOSE CONTENT 
TYPE IS PROGRAM) FROM STORAGE MEDIUM OF 
AUTHENTICATED RECORDING DEVICE 


S613 


SELECT ONE OF EXTRACTED ACTIVE PROGRAMS 
WHICH HAS HIGHEST PRIORITY INFORMATION 


S614 


ACTIVATE SELECTED PROGRAM 


C END ) 


FIG. 57 
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( START ) 


S621 


AUTHENTICATE INSTALLED RECORDING 
DEVICE (i) (SEE FIG. 20) 



S628 


S623 


RETRIEVE ACTIVE PROGRAMS (WHOSE 
CONTENT TYPE IS PROGRAM) FROM 
STORAGE MEDIUM OF AUTHENTICATED 
RECORDING DEVICE 


/ANY ACTIVE PROGRAM (WHOSE CONTENT 
TYPE IS PROGRAM) IN STORAGE MEDIUM 
OF AUTHENTICATED RECORDING 
DEVICE? 



I=i+1 


S627 


RETRIEVAL OF CONTENT 
FROM INSTALLED RECORDING 
DEVICE COMPLETED? 


YES 


SELECT ONE OF E 
PROGRAMS WHICH HAJ 
INFORII 

XTRACTED ACTIVE 
> HIGHEST PRIORITY 
flATION 

\ 

r 

ACTIVATE SELECTED PROGRAM 


S625 


S626 


C END ) 



YES 


FIG. 58 


57/93 


09/937120 


o 
w 


4i 


( START ) 


S651 


AUTHENTICATE EACH INSTALLED 
RECORDING DEVICE (SEE FIG. 20) 


J2± 


S652 


EXTRACT ACTIVE PROGRAMS (WHOSE CONTENT 
TYPE IS PROGRAM) FROM STORAGE MEDIUM OF 
AUTHENTICATED RECORDING DEVICE 


S653 


DISPLAY EXTRACTED ACTIVE PROGRAMS 
ON DISPLAY MEANS 


S654 


RECEIVE SELECTION INPUT 
FROM USER 


^1 


S655 


ACTIVATE USER SELECTE D PROGRAM 



( END ) 


FIG. 59 
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09/ 


f START DATA 'N 
^ REPRODUCTION PROCESS J 


^671 


DISPLAY ON MONITOR, 
REPRODUCED DATA INFORMATION PRESENT 
IN MEMORY (EX. TITLES) 


^S672 


RECEIVE DATA SELECTED BY USER 
FROM REPRODUCED DATA INFORMATION 
DISPLAYED ON MONITOR 


S673 


SELECT DATA FROM MEMORY IN ACCORDANCE 
WITH USER' S SELECTION AND EXECUTE 
REPRODUCTION (DECOMPRESSION) PROCESS 


f END DATA *\ 

\^ REPRODUCTION PROCESS J 


FIG. 62 
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c 


START DATA 
REPRODUCTION PROCESS 


) 


S675 


DISPLAY ON MONITOR, 
REPRODUCED DATA INFORMATION PRESENT 
IN. MEMORY (EX. TITLES) 


.FU 


ru 


RECEIVE DATA SELECTED BY USER 


FROM REPRODUCED 


^1 


S676 


DATA INFORMATION 


DISPLAYED ON MONITOR 


S677 


RETRIEVE REPRODUCED PROGRAM 
DEPENDENT ON DATA SELECTED BY USER. 
FROM MEMORY OR PROGRAM PROVIDING MEANS 
ACCESSIBLE TO REPRODUCTION APPARATUS 



EXTRACT DATA FROM MEMORY IN ACCORDANCE 
WITH USER' S SELECTION AND EXECUTE 
REPRODUCTION (DECOMPRESSION) PROCESS 


END DATA 
REPRODUCTION PROCESS 


) 


FIG. 64 
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-< 



09/ 


C 


START DATA 
REPRODUCTION PROCESS 


S681 


SET AS RETRIEVAL LIST. 
REPRODUCED DATA INFORMATION PRESENT 
IN MEMORY (EX. TITLES) 


S682 


SELECT HIGH PRIORITY DATA 
FROM RETRIEVAL LIST 


S683 


SELECT DATA FROM MEMORY IN ACCORDANCE 

WITH USER' S SELECT I ONAND EXECUTE 
REPRODUCTION (DECOMPRESSION) PROCESS 


c 


END DATA 
REPRODUCTION PROCESS 


FIG. 66 


65/93 
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C 


START DATA . 
REPRODUCTION PROCESS 


) 


S691 


SET AS RETRIEVAL LIST, REPRODUCED DATA 
INFORMATION PRESENT IN MEMORY (EX. TITLES) 


\ 

, /V/S692 

SELECT HIGH PRIORITY DATA FROM 


RETRIEVAL LIST 

•e 

\ 


S693 

RETRIEVE REPRODUCED PROGRAM DEPENDENT ON 
DATA SELECTED BY USER. FROM MEMORY OR 
PROGRAM PROVIDING MEANS ACCESSIBLE TO 
REPRODUCTION APPARATUS 




^696 


DELETE FROM RETRIEVAL 
LIST DATA TO WHICH SAME 
PROGRAM IS APPLIED 


S695 


EXTRACT DATA FROM MEMORY IN ACCORDANCE 
WITH USER' S SELECTION AND EXECUTE 
REPRODUCTION (DECOMPRESSION) PROCESS 



END DATA REPRODUCTION 
PROCESS 


9 


FIG. 68 
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(1) EXAMPLE OF SAVE DATA STORAGE PROCESS USING CONTENT UNIQUE KEY CONTENT 

OR SYSTEM COMMON KEY 


C 


START SAVE DATA 
STORAGE PROCESS 


3 


S701 


READ OUT CONTENT ID (EX. GAME ID) 



S703 


READ CONTENT UNIQUE KEY (EX. CONTENT 
KEY Kcon) OUT FROM CONTENT DATA AND 
GENERATE SAVE DATA ENCRYPTION KEY Ksave 
BASED ON CONTENT UNIQUE KEY 
(EX. CONTENT KEY) 


\ 


ENCRYPT SAVE DATA WITH SAVE DATA 
ENCRYPTION KEY Ksa* 



STORE ENCRYPTED SAVE DATA IN 
RECORDING DEVICE 



WRITE CONTENT IDENTIFIER (GAME ID) AND 
PROGRAM LOCALIZATION (YES/NO) TO DATA 
MANAGING FILE 


S707 


READ SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE 
KEY Ksys) OUT FROM 
RECORDING AND REPRODUCING 
DEVICE AND GENERATE SAVE 
DATA ENCRYPTION KEY Ksave 
BASED ON SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY) 


/S704 


S705 


S706 


C 


END SAVE DATA 
STORAGE PROCESS 


J 


FIG. 70 
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(2) EXAMPLE OF SAVE DATA REPRODUCTION PROCESS USING CONTENT UNIQUE KEY 

OR SYSTEM COMMON KEY 


c 


START SAVE DATA 
REPRODUCTION PROCESS 


0 



r 


S711 

READ OUT CONTENT 

ID (EX. GAME ID) 




r 


S712 

READ CONTENT ID (ID) AND PROGRAM 
LOCALIZATION (YES/NO) OUT FROM 
DATA MANAGING FILE 




S714 


READ KEY UNIQUE TO CONTENT (EX. CONTENT 

KEY Kcon) OUT FROM CONTENT DATA AND 
GENERATE SAVE DATA DECRYPTION KEY Ksave 
BASED ON KEY UNIQUE TO CONTENT 
(EX. CONTENT KEY) 


\ 

t ^ 

DECRYPT SAVE DATA WITH SAVE DATA 
DECRYPTION KEY Ksav 

\ 


REPRODUCE AND EXECUTE DECRYPTED SAVE DATA 
IN RECORDING DEVICE 


S715 


S717 


READ SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY 
Ksys) OUT FROM RECORDING 
AND REPRODUCING DEVICE AND 

GENERATE SAVE DATA 
DECRYPTION KEY KSAVE BASED 

ON SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY) 


S716 


END SAVE DATA 
REPRODUCTION PROCESS 
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(3) EXAMPLE OF SAVE DATA STORAGE PROCESS USING CONTENT ID OR 

SYSTEM COMMON KEY 


C 


START SAVE DATA 
STORAGE PROCESS 


) 



S721 


^723 


READ CONTENT ID (EX. GAME ID) OUT FROM 

CONTENT DATA AND GENERATE SAVE DATA 
ENCRYPTION KEY KSAVE BASED ON CONTENT ID 
(EX. GAME ID) 


\ 


ENCRYPT SAVE DATA WITH SAVE DATA 
ENCRYPTION KEY Ksav 


f 

STORE ENCRYPTED SAVE DATA IN 
RECORDING DEVICE 

\ 


WRITE CONTENT ID (GAME ID) AND PROGRAM 
LOCALIZATION (YES/NO) TO DATA 
MANAGING FILE 


sin 


READ SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY 
Ksys) OUT FROM RECORDING 
AND REPRODUCING DEVICE AND 

GENERATE SAVE DATA 
ENCRYPTION KEY KSAVE BASED 

ON SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY) 
I 


C 


END SAVE DATA 
STORAGE PROCESS 


D 


FIG. 73 
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(4) EXAMPLE OF SAVE DATA REPRODUCTION PROCESS USING CONTENT 

SYSTEM COMMON KEY 


ID OR 


G 


START SAVE DATA 
REPRODUCTION PROCESS 



, ^xS731 

READ OUT CONTENT ID (EX. GAME ID) 



, ^S732 

READ CONTENT ID (GAME ID) AND PROGRAM 
LOCALIZATION (YES/NO) OUT FROM DATA 
MANAGING FILE 




S734 


READ KEY CONTENT ID (EX. GAME ID) OUT 
FROM CONTENT DATA AND GENERATE SAVE 
DATA DECRYPTION KEY Ksav BASED ON 
CONTENT ID (EX. GAME ID) 


S735 


DECRYPT SAVE DATA WITH SAVE DATA 
ENCRYPTION KEY Ksav 


^S737 


READ SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY 
Ksys) OUT FROM RECORDING 
AND REPRODUCING DEVICE AND 

GENERATE SAVE DATA 
DECRYPTION KEY KSAVE BASED 
ON SYSTEM COMMON KEY (EX. 
SYSTEM SIGNATURE KEY) 


J 


S736 


REPRODUCE AND EXECUTE DECRYPTED SAVE DATA 
FROM RECORDING AND REPRODUCING DEVICE 


c 


END SAVE DATA 
REPRODUCTION PROCESS 
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(5) EXAMPLE OF SAVE DATA STORAGE PROCESS USING RECORDING AND 
. REPRODUCING DEVICE UNIQUE KEY OR SYSTEM COMMON KEY 


c 


END SAVE DATA 
STORAGE PROCESS 



S741 


S743 


READ RECORDING AND REPRODUCING DEVICE 

UNIQUE KEY (EX. RECORDING AND 
REPRODUCING DEVICE SIGNATURE KEY Kdev) 
OUT FROM RECORDING AND REPRODUCING DEVICE 
AND GENERATE SAVE DATA ENCRYPTION KEY 
Ksave BASED ON RECORDING AND REPRODUCING 
DEVICE UNIQUE KEY (EX. RECORDING AND 
REPRODUCING DEVICE SIGNATURE KEY) 




ENCRYPT SAVE DATA WITH SAVE 
DATA ENCRYPTION KEY Ksav 



STORE ENCRYPTED SAVE DATA 
IN RECORDING DEVICE 

\ 


WRITE CONTENT IDENTIFIER (GAME ID), 
RECORDING AND REPRODUCING DEVICE ID. 
AND RECORDING AND REPRODUCING DEVICE 
LOCALIZATION (YES/NO) TO DATA 
MANAGING FILE 


S747 


READ SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY 
Ksys) OUT FROM RECORDING 
AND REPRODUCING DEVICE AND 

GENERATE SAVE DATA 
ENCRYPTION KEY Ksave BASED 
ON SYSTEM COMMON KEY (EX. 
SYSTEM SIGNATURE KEY) 


S744 


S745 


,S746 


C 


START SAVE DATA 
STORAGE PROCESS 


3 


FIG. 75 
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(6) 


EXAMPLE OF SAVE DATA REPRODUCTION PROCESS USING RECORDING AND 
REPRODUCING DEVICE UNIQUE KEY OR SYSTEM COMMON KEY 


0 


START SAVE DATA 
REPRODUCTION PROCESS 


) 


END SAVE DATA REP 

RODUCTION PROCESS 



READ OUT RECORDING AND REPRODUCING 
DEVICE ID (IDdev) 

\ 



S751 


S752 


S753 


READ CONTENT ID (GAME ID) , RECORDING AND 
REPRODUCING DEVICE ID, AND RECORDING AND 
REPRODUCING DEVICE LOCALIZATION (YES/NO) 
OUT FROM DATA MANAGING FILE (PROCESS. 

HOWEVER, IS ENDED IF RECORDING AND 
REPRODUCING DEVICE ID DOES NOT MATCH IN 
SETTINGS FOR RECORDING AND REPRODUCING 
DEVICE LOCALIZATION) 



S755 


READ RECORDING AND REPRODUCING DEVICE 
UNIQUE KEY (EX. RECORDING AND REPRODUCING 
DEVICE SIGNATURE KEY KDEV) OUT FROM 
RECORDING AND REPRODUCING DEVICE AND 
GENERATE SAVE DATA DECRYPTION KEY Ksave 
BASED ON RECORDING AND REPRODUCING DEVICE 
UNIQUE KEY (EX. RECORDING AND REPRODUCING 
DEVICE SIGNATURE KEY) 


S758 


READ SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY 
Ksys) OUT FROM RECORDING 
AND REPRODUCING DEVICE AND 

GENERATE SAVE DATA 
ENCRYPTION KEY KSAVE BASED 
ON SYSTEM COMMON KEY (EX. 
SYSTEM SIGNATURE KEY) 


S756 


DECRYPT SAVE DATA WITH SAVE 
DATA DECRYPTION KEY Ksav 


REPRODUCE AND EXECUTE DECRYPTED SAVE DATA 
IN RECORDING AND REPRODUCING DEVICE 


r 


S757 


c 


END SAVE DATA 
REPRODUCTION PROCESS 
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(7) EXAMPLE OF SAVE DATA STORAGE PROCESS USING RECORDING AND REPRODUCING 

DEVICE ID OR SYSTEM COMMON KEY 


C 


START SAVE DATA 
STORAGE PROCESS 


S761 


READ OUT CONTENT ID (EX. GAME ID) ] 


I 


S762 


READ OUT RECORDING AND 
REPRODUCING DEVICE ID (IDdev) 


✓S763 

"RECORDING AND~ 

Reproducing device LocALizATioh 
to be executed?^ 

[yes 


S764 


GENERATE SAVE DATA ENCRYPTION KEY KSAVE 

BASED ON READ-OUT RECORDING AND 
REPRODUCING DEVICE ID (IDdev) READ OUT 
FROM RECORDING AND REPRODUCING DEVICE 


S768 


READ SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY 
Ksys) OUT FROM RECORDING 
AND REPRODUCING DEVICE AND 

GENERATE SAVE DATA 
ENCRYPTION KEY Ksave BASED 
ON SYSTEM COMMON KEY (EX. 
SYSTEM SIGNATURE KEY) 


S765 


ENCRYPT SAVE DATA WITH SAVE 
DATA ENCRYPTION KEY Ksav 


S766 


STORE ENCRYPTED SAVE DATA 
RECORDING DEVICE 


S767 


WRITE CONTENT ID (GAME ID) . RECORDING AND 
REPRODUCING DEVICE ID. AND RECORDING AND 
REPRODUCING DEVICE LOCALIZATION (YES/NO) 
TO DATA MANAGING FILE 


C 


END SAVE DATA 
STORAGE PROCESS 
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(8) 


EXAMPLE OF SAVE DATA REPRODUCTION PROCESS USING RECORDING AND 
REPRODUCING DEVICE ID OR SYSTEM COMMON KEY 


START SAVE DATA 
REPRODUCTION PROCESS 


) 


S771 


READ OUT CONTENT ID (EX. GAME ID) 


S772 


READ OUT RECORDING AND 
REPRODUCING DEVICE ID (IDdev) 


^S773 


READ CONTENT ID (GAME I D) , RECORD I NG AND 
REPRODUCING DEVICE ID, AND RECORDING AND 
REPRODUCING DEVICE LOCALIZATION (YES/NO) 
OUT FROM DATA MANAGING FILE 
(PROCESS, HOWEVER, IS ENDED IF RECORDING 
AND REPRODUCING DEVICE ID DOES NOT MATCH 
IN SETTINGS FOR RECORDING AND REPRODUCING 
DEVICE LOCALIZATION) 



S775 


GENERATE SAVE DATA DECRYPTION KEY KSAVE 
BASED ON RECORDING AND REPRODUCING DEVICE 
(IDdev) READ-OUT FROM RECORDING AND 
REPRODUCING DEVICE ID (IDdev) 


S776 


S778 


READ SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY 
Ksys) OUT FROM RECORDING 
AND REPRODUCING DEVICE AND 

GENERATE SAVE DATA 
DECRYPTION KEY Ksave BASED 
ON SYSTEM COMMON KEY (EX. 
SYSTEM SIGNATURE KEY) 


DECRYPT SAVE DATA WITH SAVE DATA 
ENCRYPTION KEY Ksav 


S777 


REPRODUCE AND EXECUTE DECRYPTED SAVE DATA 
IN RECORDING AND REPRODUCING DEVICE 


c 


END SAVE DATA 
REPRODUCTION PROCESS 
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(11) EXAMPLE OF SAVE DATA STORAGE PROCESS USING USER PASSWORD OR 

SYSTEM COMMON KEY 


C 


START SAVE DATA 
STORAGE PROCESS 


) 



S821 


S823 


INPUT USER PASSWORD 



\ 

t 


S824 

GENERATE SAVE DATA ENCRYPTION KEY Ksav 
BASED ON USER PASSWORD 


\ 

r 


S825 

ENCRYPT SAVE DATA WITH SAVE DATA 
ENCRYPTION KEY Ksav 


< 

\ 

i 


S826 

STORE ENCRYPTED 



i 


S827 


S828 


READ SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY 
Ksys) OUT FROM RECORDING 
AND REPRODUCING DEVICE AND 
' GENERATE SAVE DATA 
ENCRYPTION KEY Ksav BASED 
ON SYSTEM COMMON KEY (EX. 
SYSTEM SIGNATURE KEY) 


WRITE CONTENT ID (GAME ID) , RECORDING 
AND REPRODUCING DEVICE ID, AND USER 
PROGRAM LOCALIZATION (YES/NO) TO DATA 
MANAGING FILE 


C 


END SAVE DATA 
STORAGE PROCESS 
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(12) EXAMPLE OF SAVE DATA REPRODUCTION PROCESS USING USER PASSWORD OR 

SYSTEM COMMON KEY 


C 


START SAVE DATA 
REPRODUCTION PROCESS 


z^S831 


READ OUT CONTENT ID (EX. GAME ID) 


J2± 


S832 


READ CONTENT ID (GAME ID) AND USER 
PROGRAM LOCALIZATION (YES/NO) OUT FROM 
DATA MANAGING FILE 


S833 


3ser progr, 
localization to be 
^executed? 

[yes 


INPUT USER PASSWORD 

\ 

r ^ 

GENERATE SAVE DATA DECRYPTION KEY 
Ksav BASED ON USER PASSWORD 

\ 

t 

DECRYPT SAVE DATA WITH SAVE DATA 
DECRYPTION KEY Ksav 
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REPRODUCE AND EXECUTE DECRYPTED DATA 
FROM RECORDING AND REPRODUCING DEVICE 

1 
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S834 


S835 


S836 


S837 


READ SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY 
Ksys) OUT FROM RECORDING 
AND REPRODUCING DEVICE AND 

GENERATE SAVE DATA 
DECRYPTION KEY Ksav BASED 

ON SYSTEM COMMON KEY 
(EX. SYSTEM SIGNATURE KEY) 


S836 


END SAVE DATA 
REPRODUCTION PROCESS 
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PROVIDE CONTENT FROM MEDIUM 
(DVD, CD. OR THE LIKE) 


C START ) 


PROVIDE CONTENT 
FROM NETWORK 

( START ) 


S901 


REQUEST MEDIUM TO PROVIDE CONTENT 


OBTAIN REVOCATION 


S902 


S911 


ESTABLISH COMMUNICATION SESSION 
WITH DEL I VERY. SERVICE SIDE 


LIST INFORMATION 


S903 


EXECUTE REVOCATION LIST INTEGRITY 
CHECK VALUE ICVrev VERIFYING PROCESS 



S905 


GENERATE INTERMEDIATE INTEGRITY 
CHECK VALUE ICVt' FROM REVOCATION 
LIST INTEGRITY CHECK VALUE ICVrev 
AND PARTIAL INTEGRITY CHECK VALUE 

IN CONTENT DATA TO EXECUTE 
INTERMEDIATE INTEGRITY CHECK VALUE 
VERIFYING PROCESS 



YES 


S909 


ERROR 


S908 


C END ) 


START NORMAL PROCESS 
(EX. PROGRAM EXECUTING PROCESS) 
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PROVIDE CONTENT FROM RECORDING 
DEVICE (MEM ORY CARD OR THE LIKE) 

( START ) 
1 ^S92 1 


MUTUAL AUTHENTICATION 
PROCESS (SEE FIG. 20) 



S923 


OBTAIN REVOCATION LIST INFORMATION 


S924 


EXECUTE REVOCATION LIST INTEGRITY 
CHECK VALUE ICVREV VERIFYING PROCESS 



S926 


GENERATE INTERMEDIATE INTEGRITY 
CHECK VALUE ICVt' FROM REVOCATION 
LIST INTEGRITY CHECK VALUE ICVrev 
AND PARTIAL INTEGRITY CHECK VALUE 

IN CONTENT DATA TO EXECUTE 
INTERMEDIATE INTEGRITY CHECK VALUE 
VERIFYING PROCESS 



START NORMAL PROCESS 
(EX. PROGRAM EXECUTING PROCESS) 
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SECURITY CHIP 
MANUFACTURING PROCESS FLOW 


C START ) 


S951 


SET DATA WRITE OR READ MODE 


S952 


EXECUTE AUTHENTICATION 
PROCESS BASED ON CHIP STORAGE 
COMPLETION INFORMATION 
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ABORT PROCESS 


READ 


WRITE 


S955 


EXECUTE DATA 
WRITE PROCESS 


S956 


EXECUTE DATA 
READ PROCESS 


END DATA WRITE OR READ PROCESS 
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ABORT PROCESS 


OUTPUT TO PROCESS SECTION, A COMMAND FOR 
WRITE OF SECRET DATA TO WRITE ONLY (WO) AREA 
AND OF CHECKING DATA TO READ AND WRITE (RW) 
AREA 


S964 


PROCESS SECTION WRITES SECRET DATA TO WRITE 
ONLY (WO) AREA AND CHECKS DATA TO READ AND 
WRITE (RW) AREA FOR EXECUTION 
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END DATA ■ 
WRITE PROCESS 
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'"START PROCESS FOR CHECKING^ 
SECRET DATA WRITTEN TO WRITE 
ONLY (WO) AREA 

1 — : 


S971 


5 ' 

PROCESS SECTION EXECUTES CRYPTOGRAPH 
PROCESS USING SECRET DATA WRITTEN 
TO WRITE ONLY (WO) AREA 

y ■.' ■ . 


, ^S972 

Li;--' 

R i 
| Lj 

RECEIVE RESULT OF 
CRYPTOGRAPHY PROCESS 



, z^S973 


COMPARE RESULT OF CRYPTOGRAPHY 
PROCESS USING SECRET DATA (AFTER 
AUTHENTICATION) WRITTEN TO WRITE 
ONLY (WO) AREA WITH RESULT OF 
CRYPTOGRAPH PROCESS EXECUTED 
BY PROCESS SECTION 



ABORT PROCESS 
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END DATA CHECKING 
PROCESS 
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Explanation of Reference Numerals 
106. . .main CPU, 107. ..RAM, 108. ..ROM, 109...AV process section, 
110 ... Input process section, 111...PIO, 112. ..SIO, 300 ... recording 
and reproducing device, 301 ... control section, 302 ... cryptography 
process section, 303 ... recording device controller, 304... read 
section, 305 ... communication section, 306 ... control section, 
307. . .internal memory, 308 ... encryption/decryption section, 

400. . .recording device, 401 cryptography process section, 

402 .. .external memory, 403 ... control section, 404 ... communication 
section, 405 ... internal memory, 406 ... encryption/decryption 
section, 407 ... external memory control section, 500 .medium, 600 
communication means, 2101, 2102, 2103 ... recording and reproducing 
•device, 2104, 2105, 2106 ... recording device, 2901 ... command number 
managing section, 2 902 ... command register, 2903, 
2904 .. .authentication flag, 3001 ... speaker, 3002 . . .monitor, 
3090 .. .memory, 3091 ... content analysis section, 3092... data 
storage section, 3093 .program storage section, 

3094 .. .compression decompression process section, 7701 ... content 
data, 7702 .. .revocation list, 7703... list check value, 
8000. . .security chip, 8001 .. .process section, 8002 ... storage 
section, 8003... mode signal line, 8004 ... command signal line, 
8201... read write area, 8202... write only area. 
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